inspec/www/source/index.html.slim
hannah-radish 959f1e2ee0 HM website optimization (#2699)
* Font awesome

* Scroll to resources - done

* Overwriting swift type styles

* Fixed links

* Remove DL bin

* lint

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* lint

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* Add new breakpoints
2018-02-19 13:14:01 -08:00

281 lines
12 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: InSpec - Audit and Test Framework
---
/! header
header.bg-gradient.margin-top-offset.short-bg.relative
.row.align.margin-top-sm
.large-7.medium-7.columns.z-20
.margin-both
h1.t-white InSpec is compliance as code
h3.t-white Turn your compliance, security, and other policy requirements into automated tests.
/! buttons
.row.align.columns.margin-top-sm
a.button.btn-lg.btn-purple.shadow-dark.margin-right-xs href="/downloads"
i.fa.fa-cloud-download
span download inspec 2.0
a.button.btn-lg.btn-white-o.shadow-dark href="/tutorials" browse tutorials
a class="github-button" href="https://github.com/chef/inspec" data-size="large" data-show-count="true" aria-label="Star chef/inspec on GitHub" Star
.large-5.medium-5.columns.relative
/! diamond image
img.diamond src="/images/home/diamond.png" /
img.grid-animate.fit.z-20 src="/images/home/web.svg" /
/! announcement
.row.columns
.box-white.shadow.z-20
h3 What's new in InSpec 2.0?
p See into the cloud for continuous compliance everywhere.
.margin-top-sm.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple cloud
p InSpec now supports testing configurations for cloud provider platforms such as AWS or Azure. Test additional components, such as Docker containers and network infrastructure — without adding anything extra.
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple coverage
p 30 new resources to get you started writing compliance rules for apps, containers, and system configuration files.
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple speed
p Significantly faster, with 90% performance gains on Windows and 30% gains on Linux.
#expand
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple Integration
p Chef Automate can be used as a source for compliance profiles and to store InSpec reports. InSpec results can be exported in JUnit format for integration into CI/CD tools like Jenkins.
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple Ease
p Its now easier to write and debug custom resources you create using InSpec Shell.
.margin-top-xs
a#expandBtn Show all new features
/! canvas elements
#particles-js.particles
canvas.particles-js-canvas-el /
/! Get started
.margin-both
.row.relative
.columns
hr
small.t-gray How InSpec works
h2.txt-margin Get started with InSpec in 3 simple steps
hr
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs href="/demo" try the inspec demo
.large-5.medium-5.columns.blue-grid
img.grid-animate.fit src="/images/community/blue-web.svg"
.margin-top-sm
.row.align
.large-6.medium-6.columns
.flex.align
.num-container
h3.t-purple 1
.block.margin-left-sm
h4.t-purple write the test
p Create simple Ruby-based tests to verify your expected state against the current state of your systems.
.large-6.medium-6.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.box-scroll.tip.shadow
pre.slide-up-slow.animate-delay-10
code control 'example-1.0' do
code impact 0.9
code title 'Ensure login disabled'
code desc 'An optional description...'
code describe sshd_config do
code its('PermitRootLogin') {
code should_not cmp 'yes'
code }
code end
code end
.margin-top-xs
.row.align
.large-6.medium-6.columns
.flex.align
.num-container
h3.t-purple 2
.block.margin-left-sm
h4.t-purple run the test
p Execute your test against your target system locally or remotely with one simple command.
.large-6.medium-6.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.tip.shadow
pre
code $ inspec exec linux-baseline
.margin-top-xs
.row.align
.large-6.medium-6.columns
.flex.align
.num-container
h3.t-purple 3
.block.margin-left-sm
h4.t-purple See the results
p See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.
.large-6.medium-6.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.box-scroll.tip.shadow
pre.slide-up-slow.animate-delay-20
code Profile: InSpec Profile (example_profile)
code Version: 0.1.0
code Target: local://
br
code ✔ example-1.0: Ensure root login is disabled via SSH
code ✔ SSHD Configuration PermitRootLogin should not cmp == "yes"
br
code Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
code Test Summary: 1 successful, 0 failures, 0 skipped
/! how it works
.row.relative.margin-under-sm
.columns.strict-center
hr.center
small.t-gray Features of InSpec
h2.txt-margin InSpec is compliance by design
hr.center
.row.strict-center
.large-6.medium-6.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/platform.svg" /
h4.t-purple Platform Agnostic
p
| InSpec supports all major operating systems and is platform agnostic, allowing you the freedom to run compliance assessments anywhere.
img.icon-logos src="/images/home/platform-logos.svg" /
.triangle-right
.large-6.medium-6.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/test.svg" /
h4.t-purple Test locally or remotely
p
| InSpec provides a local agent for host-based assessments, as well as full remote testing support via SSH and WinRM.
img.icon-logos src="/images/home/test-logos.svg" /
.triangle-right
.row.strict-center
.large-6.medium-6.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/run.svg" /
h4.t-purple Free to run anywhere
p
| InSpec is an open-source language that can easily express compliance as code, with the freedom to run anywhere.
.triangle-right
.large-6.medium-6.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/extensible.svg" /
h4.t-purple Extensible language
p
| Easily extend the InSpec language to cover new operating systems, devices, or applications.
.triangle-right
/! use cases
.bg-gradient.margin-top
.pad-both.relative
#particles-second
canvas.particles-js-canvas-el
.slider
.row
.columns.selectors.z-20
a.button.btn-lg.btn-slider.shadow-dark for Compliance
a.button.btn-lg.btn-slider.shadow-dark for Infrastructure
a.button.btn-lg.btn-slider.shadow-dark for Provisioning
.view
.row
.large-7.medium-7.columns
h2.t-white.margin-both-sm
| Transform your compliance and security requirements into simple code
.row
.large-6.medium-6.columns.z-20
.box-white.shadow-dark.fit-height
.block.margin-both-xs
h4.t-purple Codify agreements
p Combine profiles and customize them with overlays. Pick controls and define exceptions as code.
.block.margin-under-xs
h4.t-purple Add context to your tests
p Utilize many fields like descriptions, tags, and impact.
.block
h4.t-purple Apply to all systems
p Analyze everything using the same codified profiles and controls.
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs href="/demo" try the inspec demo
.large-6.medium-6.columns.z-20
.box-dark.shadow-dark.fit-height
pre.t-white.align-vertical-50
code control 'sshd-21' do
code title 'Set SSH Protocol to 2'
code desc 'A detailed description'
code impact 1.0 # This is critical ref 'compliance guide, section 2.1'
code describe sshd_config do
code its('Protocol') { should cmp 2 }
code end
code end
.view
.row
.large-7.medium-7.columns
h2.t-white.margin-both-sm
| Solve your infrastructure testing needs simply and efficiently
.row
.large-6.medium-6.columns.z-20
.box-white.shadow-dark.fit-height
.block.margin-both-xs
h4.t-purple Test the desired state
p Verify the current desired state of your apps and infrastructure according to the code you write.
.block.margin-under-xs
h4.t-purple HUMAN-READABLE CODE
p Reduce friction by writing tests that are easy to understand by anyone.
.block
h4.t-purple Extensible
p Create custom resources with ease and share them easily with others.
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs href="/demo" try the inspec demo
.large-6.medium-6.columns.z-20
.box-dark.shadow-dark.fit-height
pre.t-white.align-vertical-50
code describe file('/etc/myapp.conf') do
code it { should exist }
code its('mode') { should cmp 0644 }
code end
br
code describe myapp.conf do
code its('port') { should cmp 8080 }
code end
br
code describe port(8080) do
code it { should be_listening }
code end
.view
.row
.large-7.medium-7.columns
h2.t-white.margin-both-sm
| Verify provisioning to cloud providers
.row
.large-6.medium-6.columns.z-20
.box-white.shadow-dark.fit-height
.block.margin-both-xs
h4.t-purple Test AWS and Azure configuration
p Verify all necessary settings of your favorite public cloud providers.
.block.margin-under-xs
h4.t-purple Test provisioners
p InSpec can be used in combination with Cloudformation, Azure resource manager templates and Terraform.
.block
h4.t-purple Verify security configuration
p Ensure that your cloud deployments are not open to malicious attacks due to misconfiguration.
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs href="/demo" try the inspec demo
.large-6.medium-6.columns.z-20
.box-dark.shadow-dark.fit-height
pre.t-white.align-vertical-50
code describe aws_s3_bucket(bucket_name: 'my_secret_files') do
code it { should exist }
code it { should_not be_public }
code end
br
code describe aws_iam_user(username: 'test_user') do
code it { should have_mfa_enabled }
code it { should_not have_console_password }
code end
.scrollToTop.shadow-dark
img#scrollup src="/images/home/arrow.svg"